Programmatically check private key and public key cert?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Programmatically check private key and public key cert?

pratyush parimal
Hi,

Hope everyone is having a good new year so far!

I'm trying to find a way to make sure that a private-key/public-key-cert pair I'm given, will absolutely work when I stick  them into my SSL_CTX* object and try to use that for ssl. Short of trying to simulate a test ssl connection over localhost for testing them out, is there a way to ensure that?

After googling, it seems that I may be able to verify that by comparing the modulus from the key and the cert. Does anyone know if that's sufficient, and how to do it programmatically?

I was also wondering if I should just try to perform an encrypt-decrypt sequence using the pair I have, and use the success of that as confirmation that my ssl connection will work later, as far as the certs are concerned. Would that be the right way to go about it?

What do you guys think?
Thanks in advance!
- Pratyush

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Programmatically check private key and public key cert?

Karl Denninger
On 1/11/2018 09:28, pratyush parimal wrote:
Hi,

Hope everyone is having a good new year so far!

I'm trying to find a way to make sure that a private-key/public-key-cert pair I'm given, will absolutely work when I stick  them into my SSL_CTX* object and try to use that for ssl. Short of trying to simulate a test ssl connection over localhost for testing them out, is there a way to ensure that?

After googling, it seems that I may be able to verify that by comparing the modulus from the key and the cert. Does anyone know if that's sufficient, and how to do it programmatically?
If you call SSL_CTX_check_private_key() on your context it will return "0" if the private key and certificate you have loaded do not match (and thus won't work.)  If you get a "1" back then provided you have a set of ciphers declared (or the defaults) that are compatible on both ends so the code can negotiate a cipher set then it should work.

There is no guaranteed way to know if a connection will work from some other piece of code you don't control, however, because it's entirely possible for the other end to try to insist on (or only be able to support) a protocol you have disallowed (e.g. SSLv3) or for there to be no intersection between the cipher sets allowed by both sides and the certificate and key constraints (never mind certificate validation, if you are checking it.)


I was also wondering if I should just try to perform an encrypt-decrypt sequence using the pair I have, and use the success of that as confirmation that my ssl connection will work later, as far as the certs are concerned. Would that be the right way to go about it?

IMHO see above.

--
Karl Denninger
[hidden email]
The Market Ticker
[S/MIME encrypted email preferred]

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

smime.p7s (6K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Programmatically check private key and public key cert?

Viktor Dukhovni
In reply to this post by pratyush parimal


> On Jan 11, 2018, at 10:28 AM, pratyush parimal <[hidden email]> wrote:
>
> After googling, it seems that I may be able to verify that by comparing the modulus
> from the key and the cert. Does anyone know if that's sufficient, and how to do it
> programmatically?

It may be useful to note that ECDSA keys don't have a modulus, that's RSA-specific,
so a more general approach is to compare public keys.  A more broadly applicatble
command-line test is:

   #! /bin/sh
   certfile=$1; shift
   keyfile=$1; shift

   certid=$(openssl x509 -in "$certfile" -noout -pubkey |
            openssl pkey -pubin -outform DER |
            openssl dgst -sha256 -binary |
            hexencode -ve '/1 "%02x"')
   keyid=$(openssl pkey -in "$keyfile" -pubout -outform DER |
           openssl dgst -sha256 -binary |
           hexencode -ve '/1 "%02x"')
   if [ "$certid" != "$keyid" ]; then
      echo "Certificate in $certfile does not match key in $keyfile" >&2
      exit 1
   fi

Karl Denninger <[hidden email]> already explained how key/cert correspondence
can be checked when loading the key and cert into an SSL_CTX.

The certificate should have appropriate an appropriate keyUsage and/or
extendedKeyUsage for the purpose at hand (TLS Server Authentication?).

--
        Viktor.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users